Adding Domain Controller Server 2008

hellarda · 20 Dec 2010 at 10:24

Hi all,

Before any has a go at my for not knowing ANYTHING, i am not pretending to know much about server operating systems, i merely have a couple of spare machines lying around which i have installed 2008 on. I am using them for experimenting so i can try and learn as much as possible....im only 16.

right, I have installed Server 2008 on the first server, i set up Active directory Domain and created a new forest. i then installed server 2008 on VM on another machine, (this is because i don't want the primary machine running all the time as it is a rack server, so it sounds like my room is trying to take off

), on the secondary machine, i have also installed active Directory Domain Services and i tried to add it as a domain controller to the forest that i created on the primary machine. However when i type in the name of the domain on the 'network credentials' of the dcpromo.exe on the secondary machine i get

'An Active Directory domain controller for the domain xxxx-xxxxxx.local could not be contacted'

Error code 0x0000232B RCODE_NAME_EROR

Any help would be appreciated, but in nice simple terms would be good because i haven't got to grips with everything yet!

Just trying to learn guys

cheers

ali

Jacko197 · 20 Dec 2010 at 10:30

Sounds like your IP configuration is incorrect, did you assign the first server a static IP and point it to itself for DNS?

Then on the second machine do the same but point it to the first server for DNS

hellarda · 20 Dec 2010 at 10:41

err i set static IP's for both servers but set the DNS' for my ISP DNS servers.....so should i not use the two plusnet DNS servers i use on the other PC's and just point the first server to itself and the second server to the first one? wouldnt this mean that my internet connection is broken?

cheers

PS I have installed DNS Server on the first machine

Jacko197 · 20 Dec 2010 at 10:45

You want to set them to your internal DNS server, if that needs to find something it will send it to the root servers on the internet via your default gateway. You could if you wanted to set the DNS server to forward requests to your ISP, but its not needed unless your ISP states that you need to do so.

#Chri5# · 20 Dec 2010 at 10:47

The last thing you want to do in AD is to have devices using ISP DNS servers.

As above, the first DC should point to itself for DNS. Then configure the DNS server to use forwarders to query the ISP (eg PlusNet) DNS for records it doesn't have.

Your second server should point to the first server for DNS, then run dcpromo.

MS - Understanding Forwarders

hellarda · 20 Dec 2010 at 10:59

ok thanks will try that in a minute....

Now, the primary server will probably not be on all the time, but i need to be able to access the internet all the time, would i be right in saying that if i installed DNS server on the secondary machine, i could point all the client PC's to the primary server for the Preferred DNS server and point them to the secondary server (which will always be on) as the Alternate DNS server?

would this then provide redundancy for accessing the internet?

also would it impact speeds having to go through a VM as the DNS server?

(all machines are connected via gigabit to a switch and then to a router)

cheers

Jacko197 · 20 Dec 2010 at 11:09

Correct, you can point the primary DC to itself for primary DNS and add the second DC as alternative DNS. Then install DNS server on the second DC and point that to itself for primary DNS and the primary DC for alternative DNS. Then on your clients you can add both DNS server IP's and it will use the one thats available.

Once all thats done you can replicate the DNS zones from one DC to another via Active Directory.

You should be fine using a VM, its only DNS queries

hellarda · 20 Dec 2010 at 11:45

'replicate DNS zone from one DC to another via Active Directory' errr english please?

another quick question

the primary DC only has 270gb HDD space, and the second DC (in the VM has 100gb) the host for the VM is running Windows Home Server Vail, would it be possible to make the second dc look at the storage in WHS as SAN Storage, or to use it as NAS? so that i can store users data etc (because it will not fit in 100gb or 270gb)

cheers

Jacko197 · 20 Dec 2010 at 11:51

hellarda said:
'replicate DNS zone from one DC to another via Active Directory' errr english please?

When you create the DNS zones on the first server, it will give you the option to integrate them into active directory which will then replicate them to all other domain controllers in the forest. If you have already created them, then right click them and go to properties, then on the general tab you have Type, click change to get to the options.

hellarda said:
another quick question

the primary DC only has 270gb HDD space, and the second DC (in the VM has 100gb) the host for the VM is running Windows Home Server Vail, would it be possible to make the second dc look at the storage in WHS as SAN Storage, or to use it as NAS? so that i can store users data etc (because it will not fit in 100gb or 270gb)

What user data do you mean? Profiles, home drives etc?

hellarda · 20 Dec 2010 at 11:57

oh right cool cheers

yeh profiles, and home drives

because i have to test everything on my family, they need to have all there data in the same place or they get confused.....they cant even work out how to log on to the domain

Jacko197 · 20 Dec 2010 at 12:00

Yes you can then, share it on the first server then use the full full path for the references on your DC \\server\share

hellarda · 20 Dec 2010 at 12:11

hmm ok cheers, when i create the different folders for different users, will i need to create user accounts on WHS for each of them, and then apply permissions so that other users will not be able to access other users home drives. or will i just be able to add permissions for the users on the DC?

cheers

Jacko197 · 20 Dec 2010 at 12:16

When you create the users on the DC go to the profile tab and add the paths in like this \\server\share\%username% and it will create the folder and the relevant permissions.

The permissions will need to be tweaked a little to prevent home drive access to other users but depends on how clever your users are

hellarda · 20 Dec 2010 at 12:26

haha ok cheers....

right just changed the DNS server on second DC to look at the primary DC and it still says it cannot find the active directory domain... :/

the settings are

IP: 192.168.1.116
Subnet: 255.255.255.0
Default Gateway: 192.168.1.254
Preffered DNS: 192.168.1.115 (ip of primary DC)
Alternate DNS: 192.168.1.116 (ip of secondary DC)

any ideas?

thanks

Jacko197 · 20 Dec 2010 at 12:29

Can they ping each other?

Remove the alternative DNS too until its setup as a DC then add that later when you want to configure the secondary DNS server

hellarda · 20 Dec 2010 at 12:39

removed alternate DNS

the second DC can ping the primary DC with ip address but not by name?

hmm

ta

Jacko197 · 20 Dec 2010 at 12:40

On your DNS server have you created a primary zone?

hellarda · 20 Dec 2010 at 12:42

Jacko197 · 20 Dec 2010 at 12:49

Sounds like thats your problem then, open up the DNS mmc via admin tools on your DC, right click forward lookup zones > new zone > primary (AD integrated) > click next > leave as all DNS servers in domain > click next > call the zone name whatever you called your domain (domain.co.uk or whatever)

Reboot the server then open up DNS mmc again and check that your primary DC is listed in the new zone.

Once thats done open up a command prompt on the second server and type (ipconfig /registerdns) then check that its listed in DNS again.

hellarda · 20 Dec 2010 at 13:42

Right ok cheers will try that when I get home as I am out until tonight and will get back to you

Cheers for all the help mate